Digital Bond has started backing Kickstarter projects in order to build up our rack of security assessment and research tools. One of our recent deliveries is the RFIDler, a low-cost 125khz and 134khz RFID tool. RFIDler is an interesting project because it combines an easy-to-use command line interface with a software defined radio, at roughly 1/4th the cost of the Proxmark3. As a tool, it can be used to both easily clone low-security cards and to explore as-yet-unsupported card formats so that you can clone or attack new kinds of proximity card.
For testing the RFIDler, we in the Labs used a handful of unknown tokens, purchased a long, long time ago — so long ago that we didn’t even know what kind of tags they were (let alone where we bought them from). The tags, along with a bare-board unlabeled reader, were originally going to be used as an RFID garage door opener, as a replacement for a standard pinpad. The RFIDler is such a nice tool because now we can find out what kind of reader these badges use, and help us determine whether the project can even be done securely.
The RFIDler contains some nice token exploration commands. The most basic of these is the command-line, ‘autotag’ command, which attempts to read your token using all of the currently supported formats.
‘autotag’ of course attempts all of the format types, many of which produce data. So, what is the actual type of our tag?